CVE-2024-27942
First published: Tue May 14 2024(Updated: )
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow any unauthenticated client to disconnect any active user from the server. An attacker could use this vulnerability to prevent any user to perform actions in the system, causing a denial of service situation.
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens RUGGEDCOM CROSSBOW | <5.5 | |
| Siemens RUGGEDCOM CROSSBOW | <5.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-27942?
CVE-2024-27942 is classified as a denial-of-service vulnerability.
How do I fix CVE-2024-27942?
To mitigate CVE-2024-27942, upgrade to RUGGEDCOM CROSSBOW version 5.5 or later.
What type of systems are affected by CVE-2024-27942?
CVE-2024-27942 affects all versions of RUGGEDCOM CROSSBOW prior to version 5.5.
What actions can an attacker perform with CVE-2024-27942?
An attacker can disconnect active users from the RUGGEDCOM CROSSBOW server, causing service disruption.
Who is the vendor for CVE-2024-27942?
The vendor for CVE-2024-27942 is Siemens.
- agent/references
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/type
- agent/severity
- agent/author
- collector/mitre-cve
- source/MITRE
- agent/source
- agent/guess-ai
- agent/software-canonical-lookup
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/tags
- agent/softwarecombine
- agent/event
- vendor/ruggedcom
- canonical/siemens ruggedcom crossbow
- vendor/siemens